Hide Navigation Hide TOC File Download Via Windows Defender MpCmpRun.EXE (46123129-1024-423e-9fae-43af4a0fa9a5) Detects the use of Windows Defender MpCmdRun.EXE to download files Cluster A Galaxy A Cluster B Galaxy B Level System Binary Proxy Execution - T1218 (457c7820-d331-465a-915e-42f85500ccc4) Attack Pattern File Download Via Windows Defender MpCmpRun.EXE (46123129-1024-423e-9fae-43af4a0fa9a5) Sigma-Rules 1 Ingress Tool Transfer - T1105 (e6919abc-99f9-4c6c-95a5-14761e7b2add) Attack Pattern File Download Via Windows Defender MpCmpRun.EXE (46123129-1024-423e-9fae-43af4a0fa9a5) Sigma-Rules 1